Incomex AI Portal
KB-6814 rev 6

Context Pack: Infrastructure

5 min read Revision 6

Context Pack: Infrastructure

Load this pack for any deployment or infrastructure task. Last updated: 2026-03-17 S128-C DB: PostgreSQL 16 SOLE. MySQL/Firestore RETIRED. GCP: CHỈ Secret Manager.

VPS Server (Primary Production — ALL services)

Key Value
Provider Contabo Cloud VPS 20
IP 38.242.240.89
OS Ubuntu 24.04.4 LTS
Resources 6 vCPU, 12GB RAM, 100GB NVMe
Cost $7.95/month

Docker Stack (/opt/incomex/docker/)

Container Port Domain Purpose
nginx 80, 443 *.incomexsaigoncorp.vn Reverse proxy + SSL
agent-data 8000 vps.../api Knowledge management API
directus 8055 directus.../ops... CMS / Admin UI
nuxt 3000 vps... Frontend SSR
qdrant 6333 (internal) Vector database
postgres 5432 (internal) PostgreSQL 16 — SOLE database

RETIRED (S109-S111): MySQL, Firestore, GCS, Cloud Run, App Engine, Artifact Registry.

Database

PostgreSQL 16 = SOLE relational database (Directus + business data)
Qdrant = Vector database (embeddings)
  • 17 PG triggers counting, 19+ auto_code, 21 validate_origin, 20+ label_assign
  • test_counting_contract() 7/7 PASS, verify_counts() 0 MISMATCH
  • CI Guard counting contract LIVE (S128-C)

Domains

Domain Target Purpose
vps.incomexsaigoncorp.vn 38.242.240.89 Nuxt frontend + Agent Data API (/api)
directus.incomexsaigoncorp.vn 38.242.240.89 Directus admin
ops.incomexsaigoncorp.vn 38.242.240.89 Directus public alias
ai.incomexsaigoncorp.vn 38.242.240.89 Alias (Firebase CDN deprecated)

GCP — CHỈ CÒN SECRET MANAGER

MIGRATION HOÀN TẤT (S109-S111, GCP Cleanup S127). Firestore/GCS/Cloud Run/App Engine ĐÃ XOÁ/TẮT. Chi phí GCP dự kiến: ~₫2,000/tháng (chỉ SM).

Key Value
Project ID github-chatgpt-ggcloud
Service Account chatgpt-deployer@github-chatgpt-ggcloud.iam.gserviceaccount.com

Secret Manager (14 secrets)

Secret Name Purpose
AGENT_DATA_API_KEY API auth
OPENAI_API_KEY OpenAI embeddings
QDRANT_URL Qdrant Cloud URL
Qdrant_agent_data_N1D8R2vC0_5 Qdrant Cloud API key
gh_pat_sync_secrets GitHub PAT
smtp-password-nmhuyen SMTP credentials
vps_contabo_id VPS customer ID
vps_contabo_secret VPS password
GCS_BUCKET_BACKUP Backup config
MYSQL_ROOT_PASSWORD Legacy (có thể xoá)
POSTGRES_DB PG database name
POSTGRES_PASSWORD PG password
POSTGRES_USER PG user
QDRANT_LOCAL_API_KEY Local Qdrant

RETIRED GCP Resources

  • App Engine: DISABLED (S127 GCP Cleanup)
  • Artifact Registry: DELETED (2 repos)
  • Cloud Storage: DELETED (logs, snapshots, functions). Chỉ giữ tfstate.
  • Cloud Run: DELETED
  • Firestore: DELETED/DISABLED
  • 2 projects cũ: SHUTDOWN (chỉ giữ github-chatgpt-ggcloud)

Deployment — GH Actions Auto-Deploy (S127-E)

Repo Trigger Cơ chế
web-test Merge to main GH Actions → SSH → VPS → docker compose up nuxt
agent-data-test Merge to main (agent_data/ + dot/ + Dockerfile + requirements) GH Actions → rsync → VPS → docker build + up 
# Manual deploy (nếu cần)
ssh contabo
cd /opt/incomex/docker
docker compose up -d <service>

VPS Operations

Backups

What Schedule Script Retention
PostgreSQL Daily 2AM pg-backup.sh 7 days
Qdrant Daily 3AM qdrant-backup.sh 7 days (~11MB)
Disk Hourly disk-monitor.sh Auto-prune at 85%

Health Check

curl -s https://vps.incomexsaigoncorp.vn/api/health | python3 -m json.tool

CI Health Check includes: counting contract, Qdrant status, vector orphans, registry coverage.

Common Commands

ssh contabo
docker ps
docker logs agent-data --tail 100
docker restart agent-data

DOT Tools (dot/bin/)

Command Purpose
dot-ai-start Start all local services
dot-registry-integrity-check --cloud Verify counting + coverage + health
dot-pg-views-ensure --cloud Update PG functions + triggers
dot-schema-meta-catalog-ensure --cloud Ensure meta_catalog schema
dot-permission-ensure Set Directus permissions via DOT
dot-vector-audit Audit vector/document parity
  • Operating Rules: search_knowledge("operating rules SSOT")
  • Data Sync Architecture: search_knowledge("data sync architecture")
  • VPS Architecture: search_knowledge("VPS architecture")
  • Tech Debt: search_knowledge("tech debt")